package com.example.securitydemo1;

import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;

@Configuration
//@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    PasswordEncoder passwordEncoder() {
        return NoOpPasswordEncoder.getInstance();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("cxyxj")
                .password("123").roles("admin", "user")
                .and()
                .withUser("security")
                .password("security").roles("user");
    }

  /*  @Bean
    @Override
    protected UserDetailsService userDetailsService() {
        return username -> new User("cxyxj", "123",
                AuthorityUtils.commaSeparatedStringToAuthorityList("admin"));
    }*/


    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()  //开启配置
                //.antMatchers("/cxyxj/**").hasRole("admin")   //访问/cxyxj/**下的路径，必须具备admin身份
                //.antMatchers("/security/**").hasRole("user") //访问/security/**下的路径，必须具备user身份
               // .antMatchers("/permitAll").permitAll()  // 访问/permitAll路径，不需要登录
                .anyRequest() //其他请求
                .authenticated()//验证   表示其他请求只需要登录就能访问
                .and()
                .formLogin()
                .loginPage("/login.html") //登录页面
                .loginProcessingUrl("/auth/login") //登录接口
                .usernameParameter("account") //用户名字段
                .passwordParameter("pwd") //密码字段
                .defaultSuccessUrl("/hello")  //登录成功的回调
                .permitAll() // 上述 formLogin() 的页面、接口放行
                .and()
                .logout()  //开启注销登陆
                .logoutUrl("/auth/logout") //注销请求url
                .logoutSuccessUrl("/login.html") //注销成功后要跳转的页面
                .deleteCookies()  // 清除 cookie
                .clearAuthentication(true) //清除认证信息
                .invalidateHttpSession(true) //使session失效
                .permitAll()
                .and()
                .csrf().disable();

    }

  /*  @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()  //开启配置
                .antMatchers("/cxyxj/**").hasRole("admin")   //访问/cxyxj/**下的路径，必须具备admin身份
                .antMatchers("/security/**").hasRole("user") //访问/security/**下的路径，必须具备user身份
                .antMatchers("/permitAll").permitAll()  // 访问/permitAll路径，不需要登录
                .anyRequest() //其他请求
                .authenticated()//验证   表示其他请求只需要登录就能访问
                .and()
                .formLogin()
                .loginPage("/login.html") //登录页面
                .loginProcessingUrl("/auth/login") //登录接口
                .usernameParameter("account") //用户名字段
                .passwordParameter("pwd") //密码字段
                .successHandler(new MyAuthenticationSuccessHandler())
                .failureHandler(new MyAuthenticationFailureHandler())
                .permitAll()
                .and()
                .logout()
                .logoutUrl("/auth/logout") //注销请求url
                .logoutSuccessHandler(new MyLogoutSuccessHandler())
                .permitAll()
                .and()
                .csrf().disable().exceptionHandling().authenticationEntryPoint(new MyAuthenticationEntryPoint());
    }*/
}
